fix: add keepalive to logout fetch — prevents session lock orphan

The logout POST to /auth/logout was getting cancelled when the page
navigated to /login before the fetch completed. keepalive: true ensures
the request survives page unload so the Redis session lock is released.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

src/providers/auth-provider.tsx

@@ -119,6 +119,7 @@ export const AuthProvider = ({ children }: AuthProviderProps) => {
                 await fetch(`${apiUrl}/auth/logout`, {
                     method: 'POST',
                     headers: { Authorization: `Bearer ${token}` },
+                    keepalive: true, // survives page navigation — ensures session unlock completes
                     signal: AbortSignal.timeout(5000),
                 });
             } catch (err) {